This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2020-04-14
Channels
- # announcements (7)
- # babashka (51)
- # beginners (292)
- # calva (37)
- # chlorine-clover (40)
- # cider (5)
- # clj-kondo (83)
- # cljs-dev (26)
- # cljsrn (36)
- # clojure (172)
- # clojure-argentina (5)
- # clojure-austin (1)
- # clojure-australia (9)
- # clojure-europe (3)
- # clojure-france (7)
- # clojure-gamedev (3)
- # clojure-nl (3)
- # clojure-spec (4)
- # clojure-uk (34)
- # clojurescript (46)
- # community-development (1)
- # conjure (26)
- # core-async (28)
- # data-science (2)
- # datascript (2)
- # datomic (61)
- # devcards (3)
- # emacs (7)
- # events (2)
- # fulcro (65)
- # graalvm (57)
- # instaparse (2)
- # juxt (21)
- # luminus (6)
- # off-topic (21)
- # pathom (1)
- # pedestal (15)
- # reagent (1)
- # shadow-cljs (19)
- # spacemacs (3)
- # specter (1)
- # sql (14)
- # unrepl (4)
- # vscode (1)
- # xtdb (1)
- # yada (4)
You can see the implementation here: https://github.com/pedestal/pedestal/blob/master/jetty/src/io/pedestal/http/jetty.clj Check the comments towards the end.
It's a bit of a pain, but the following service map works (you can ignore the web socket stuff). Notes about the keystore are below.
(def service-map
(let
[keystore-location
(if (System/getenv "KEYSTORE_LOCATION")
(-> (io/file (System/getenv "KEYSTORE_LOCATION"))
(.getCanonicalPath))
"/home/user/security/jetty-keystore")]
{::http/host "0.0.0.0"
::http/allowed-origins
{:allowed-origins (fn[_] true)
:creds true}
::http/routes #(deref #'routes)
::http/type :jetty
::http/container-options
{:context-configurator jetty-websocket-configurator
:h2c? true
:h2 true
:ssl? true
:ssl-port 8081
:keystore keystore-location
:key-password "thepassword"
:security-provider "Conscrypt"}
::http/port 8080}))$ openssl genrsa -des3 -out site.key 2048$ cp site.key site.orig.key
$ openssl rsa -in site.orig.key -out site.key$ openssl req -new -key site.key -out site.csr$ openssl req -new -x509 -key site.key -out sitex509.crt$ openssl pkcs12 -inkey site.key -in sitex509.crt -export -out site.pkcs12Can you please write a blog post about this? That will be very helpful for anyone needing to do the same thing. And thanks!
That's a good idea. Thanks. It's at https://heykieran.github.io/posts/pedestal-jetty-https/
I have a question about
(fern/lit vase.datomic.cloud/clientjava.lang.AbstractMethodError: Receiver class datomic.client.impl.shared.Client does not define or inherit an implementation of the resolved method abstract create_database(Ljava/lang/Object;)Ljava/lang/Object; of interface datomic.client.impl.shared.protocols.Client.
at datomic.client.api.async$create_database.invokeStatic(async.clj:148)
at datomic.client.api.async$create_database.invoke(async.clj:140)
at datomic.client.api.sync.Client.create_database(sync.clj:73)
at datomic.client.api$create_database.invokeStatic(api.clj:144)
at datomic.client.api$create_database.invoke(api.clj:135)
at com.cognitect.vase.fern.CloudConnection._interceptor(fern.clj:94)Oh I see, this is a special case > NOTE: create-database is not available with peer-server. > Use a Datomic Peer to create databases with Datomic On-Prem.
it would be nice if I could disable that (client/create-database call from the config
@U793EL04V thanks for pointing this out. In retrospect, DB lifecycle management should be done independently. Including calls to create-database for every request is not recommended. This new learning led to me changing the pedestal.ions sample app (https://github.com/pedestal/pedestal-ions-sample#database-life-cycle-management). I’m going to create an issue capture that this needs to be followed up on.
In that sample I adopted the approach taken by the Datomic Ions tutorial (https://docs.datomic.com/cloud/ions/ions-tutorial.html#orgd70504f)
I’m incorrect, the code you linked creates the db on interceptor creation only. Still, it should be done explicitly and elsewhere
Yeah I'm combining integrant with vase & pedestal in order to manage lifecycle and dependencies